dataplane to enhance your Kubernetes networking performance. Click Inventory report
To create an Inventory report, create a GlobalReport with the reportType
set to inventory.
The following sample command creates a GlobalReport that results in a daily inventory report for
endpoints in the public namespace.
kubectl apply -f - << EOF
apiVersion: projectcalico.org/v3
kind: GlobalReport
metadata:
name: daily-public-inventory-report
labels:
deployment: production
spec:
reportType: inventory
endpoints:
namespaces:
names:
- public
schedule: 0 0 * * *
EOF
Downloadable reports
summary.csv
A summary CSV file that includes details about the report parameters and the top level counts.
| Heading | Description | Format |
|---|---|---|
| startTime | The report interval start time. | RFC3339 string |
| endTime | The report interval end time. | RFC3339 string |
| endpointSelector | The endpoint selector used to restrict in-scope endpoints by endpoint label selection. | selector string |
| namespaceNames | The set of namespace names used to restrict in-scope endpoints by namespace. | ";" separated list of namespace names |
| namespaceSelector | The namespace selector used to restrict in-scope endpoints by namespace label selection. | selector string |
| serviceAccountNames | The set of service account names used to restrict in-scope endpoints by service account. | ";" separated list of service account names |
| serviceAccountSelectors | The service account selector used to restrict in-scope endpoints by service account label selection. | selector string |
| endpointsNumInScope | The number of enumerated endpoints that are in-scope according to the requested endpoint selection options. | number |
| endpointsNumIngressProtected | The number of in-scope endpoints that were always ingress protected during the report interval. | number |
| endpointsNumEgressProtected | The number of in-scope endpoints that were always egress protected during the report interval. | number |
| namespacesNumInScope | The number of namespaces containing in-scope endpoints. | number |
| namespacesNumIngressProtected | The number of namespaces whose in-scope endpoints were always ingress protected during the report interval. | number |
| namespacesNumEgressProtected | The number of namespaces whose in-scope endpoints were always egress protected during the report interval. | number |
| serviceAccountsNumInScope | The number of service accounts associated with in-scope endpoints. | number |
endpoints.csv
An endpoints CSV file that includes per-endpoint information.
| Heading | Description | Format |
|---|---|---|
| endpoint | The name of the endpoint. | string |
| ingressProtected | Whether the endpoint was always ingress protected during the report interval. | bool |
| egressProtected | Whether the endpoint was always egress protected during the report interval. | bool |
| envoyEnabled | Whether the endpoint was always Envoy enabled during the report interval. | bool |
| appliedPolicies | The full set of policies that applied to the endpoint at any time during the report interval. | ";" separated list of policy names |
| services | The full set of services that included this endpoint at any time during the report interval. | ";" separated list of service names |
namespaces.csv
A namespaces CSV file that includes per-namespace information.
| Heading | Description | Format |
|---|---|---|
| namespace | The name of the namespace. | string |
| ingressProtected | Whether all in-scope endpoints within the namespace were always ingress protected during the report interval. | bool |
| egressProtected | Whether all in-scope endpoints within the namespace were always egress protected during the report interval. | bool |
| envoyEnabled | Whether all in-scope endpoints within the namespace were always Envoy enabled during the report interval. | bool |
services.csv
A services CSV file that includes per-service information.
| Heading | Description | Format |
|---|---|---|
| service | The name of the service. | string |
| ingressProtected | Whether all in-scope endpoints that are in the service were always ingress protected during the report interval. | bool |
| envoyEnabled | Whether all in-scope endpoints that are in the service were always Envoy enabled during the report interval. | bool |